I'm seeing hundreds, thousands of these every morning in my firewall log report. These messages were virtually non-existent a month ago. Now, its nightly. The addresses are all over the map. I think somebody has written some kind of exploit script and all the bad guys are using it now.

Another bit of info. I reported the openvpn probes to several ISPs and one responded.

He said the openvpn traffic was not originating in their network. What is happening is a openvpn DDOS amplification attack. A bad guy sends an openvpn packet to me, using a false source address, and my openvpn server sends an error message back to the forged source address. Thus, I was unwittingly participating in an DDOS amplification attacked.

I enabled tls-auth and that seems to have greatly reduced the amount of erroneous tls handshake failure messages I'm sending.